Samba releases 3.2.0 to 4.8.3 (inclusive) contain an error in libsmbclient that could allow a malicious server to overwrite client heap memory by returning an extra long filename in a directory listing.
External Reference: https://www.samba.org/samba/security/CVE-2018-10858.html
Created samba tracking bugs for this issue: Affects: fedora-all [bug 1618697]
This issue has been addressed in the following products: Red Hat Gluster Storage 3.4 for RHEL 7 Via RHSA-2018:2613 https://access.redhat.com/errata/RHSA-2018:2613
This issue has been addressed in the following products: Red Hat Gluster Storage 3.4 for RHEL 6 Via RHSA-2018:2612 https://access.redhat.com/errata/RHSA-2018:2612
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:3056 https://access.redhat.com/errata/RHSA-2018:3056
This issue has been addressed in the following products: Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 Via RHSA-2018:3470 https://access.redhat.com/errata/RHSA-2018:3470